Cyber Security Institute

Friday, February 16, 2007

Ensuring a Successful Partnership with Your MSSP

Securing information assets has become a highly complex function demanding significant investment in process definition, security expertise, systems, and infrastructure. Compounding these challenges, it requires internal alignment among the various business units, the IT organization, and the security teams to ensure that the tensions between availability and security are well balanced.

An internal approach requires a staff with security expertise, in addition to systems, toolsets, and processes, to maintain an organization’s security posture around the clock. Organizations that have the time and money to implement an internal solution benefit from their ability to fully customize the solution, to integrate internal systems including their ticketing environment and/or patch management systems, and to retain internal security knowledge.

If an organization is willing to share its network visibility with a trusted MSSP partner, it can benefit from shorter implementation time, skilled personnel, predictable cost, and a constant security posture through the partner’s ability to identify security events proactively and to provide the organization with refined information on which to act. An MSSP can help remove the burden of managing and monitoring security devices and offer the earliest possible warning of new threats emerging on the Internet and corporate networks.

Organizations that select an MSSP as a security partner should be prepared to integrate the MSSP’s people, processes, and technology with their own to effectively improve their security posture.

Ensuring the long-term success of a security partnership is based on four key areas of focus: trust, operational extension, service reviews, and parallel roadmaps.

Managed security service providers that have earned certification under a widely recognized standard such as BS7799 have demonstrated their expertise in establishing, implementing, and documenting effective information management systems. Another certification, the Statement on Auditing Standards No. 70 (SAS 70) Type II, also gives client organizations assurance regarding specific control objectives that the MSSP has designed to meet customers’ unique needs.

Many companies, particularly financial services and other highly regulated organizations, require credible proof that an MSSP has processes and controls in place to provide a consistent, stable, and secure environment to safely monitor and manage customer data throughout the organization. 

This requires an MSSP to have the depth and breadth of expertise to meet an organization’s current security needs.

Posted on 02/16